#!

###########################
# Log Settings 
###########################
config log setting
# Global switches that decide which classes of traffic and events produce
# log records at all; the per-device filters can only narrow this set.
set resolve-ip enable 
set resolve-port enable 
set log-user-in-upper  disable 
# NOTE(review): implicit-deny hits are logged for IPv4 policies but not for
# IPv6 policies (next two lines). If IPv6 is routed through this unit, denied
# IPv6 traffic leaves no record. Confirm this asymmetry is intended.
set fwpolicy-implicit-log enable 
set fwpolicy6-implicit-log disable 
# NOTE(review): invalid packets and denied traffic addressed to the firewall
# itself (local-in-deny-*) are not logged, so probes against the device's own
# interfaces are not visible in the logs. Enabling these raises log volume;
# weigh that against detection and forensic needs.
set log-invalid-packet disable 
set local-in-allow enable 
set local-in-deny-unicast disable 
set local-in-deny-broadcast disable 
set local-out enable 
set daemon-log disable 
set neighbor-event disable 
# Full (not brief) traffic log format is kept, so records retain all fields.
set brief-traffic-format disable 
# User names are written to the logs in clear. Enable anonymization if a
# privacy policy requires it, at the cost of per-user attribution.
set user-anonymize disable 
end
###########################
# Log Settings Gui
###########################
#
# FortiAnalyzer is the log source shown in the GUI. If you switch to
# "memory" logging, change this to "set location memory".
#
config log gui-display
# Controls what the web GUI log views and FortiView display; it does not
# change which records are generated or where they are sent.
set resolve-hosts enable 
set resolve-apps enable 
set fortiview-unscanned-apps enable
set fortiview-local-traffic enable 
# Must name a log device that is actually enabled in this file
# (here: "config log fortianalyzer setting"), otherwise the GUI shows no logs.
set location fortianalyzer
end
###########################
# Log Settings Global Eventfilter
###########################
config log eventfilter
# Global event-log filter: every event category listed below is enabled, so
# system/admin, VPN, user (authentication), routing, wireless, WAN-opt,
# endpoint, HA and compliance-check events are all recorded.
# "event" is the master switch; disabling it would suppress all categories.
set event enable 
set system enable 
set vpn enable 
set user enable 
set router enable 
set wireless-activity enable 
set wan-opt enable 
set endpoint enable 
set ha enable 
set compliance-check enable 
end
###########################
# Log Settings null-device
###########################
# 
# Configure logging for statistics collection for 
# when NO external logging destination, such as 
# FortiAnalyzer, is present (data is not saved).
#
# If you use "memory" Log activate "null-device".
#
config log null-device setting
# Left disabled because an external log destination (FortiAnalyzer) is
# enabled in this file. With null-device, log data is not saved.
set status disable
end
#
###########################
# Log Settings Device FortiAnalyzer
###########################
#
# If you use "memory" Log deactivate FortiAnalyzer
# with "set status disable".
#
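config log fortianalyzer setting
# Primary (and, in this file, only enabled) log destination.
set status enable 
set ips-archive  enable 
# NOTE(review): 4.4.4.4 is a publicly routable address and is presumably a
# placeholder. Replace it with your FortiAnalyzer's address before applying
# this script; otherwise the unit will try to send its logs to a host
# outside your control.
set server 4.4.4.4
# NOTE(review): "default" leaves the cipher strength for the log channel to
# the firmware's default. Check what that covers on your release and confirm
# that it meets your transport-encryption policy.
set enc-algorithm default
set conn-timeout 10
set monitor-keepalive-period 5
set monitor-failure-retry-period 5
# No fixed source address: logs leave with the egress interface's IP.
# Set source-ip if the FortiAnalyzer or an upstream ACL expects a fixed one.
unset source-ip
set upload-option realtime 
# Option name spelled out in full so the line does not depend on the CLI
# accepting a truncated keyword when the script is applied.
set reliable enable
end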
# Second and third FortiAnalyzer destinations are explicitly disabled, so the
# primary FortiAnalyzer is the only copy of the logs (no redundant collector).
config log fortianalyzer2 setting
set status disable 
end
config log fortianalyzer3 setting
set status disable 
end
config log fortianalyzer filter
# What is forwarded to the primary FortiAnalyzer.
# "information" is the minimum severity sent; lower-severity records are
# dropped before they leave the unit.
set severity information 
# All traffic log types are forwarded, including local (to/from the unit
# itself) and sniffer traffic, plus anomaly and VoIP logs.
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
# No free-form filter string is set, so nothing further is included/excluded.
unset filter
set filter-type include 
end
# config log fortianalyzer2 filter
# set severity information 
# set forward-traffic enable 
# set local-traffic enable 
# set multicast-traffic enable 
# set sniffer-traffic enable 
# set anomaly enable 
# set voip enable 
# unset filter
# set filter-type include 
# end
# config log fortianalyzer3 filter
# set severity information 
# set forward-traffic enable 
# set local-traffic enable 
# set multicast-traffic enable 
# set sniffer-traffic enable 
# set anomaly enable 
# set voip enable 
# unset filter
# set filter-type include 
# end
###########################
# Log Settings Device Memory
###########################
#
# If you use FortiAnalyzer Log disable "memory" Log.
#
config log memory setting
# Memory logging is off because FortiAnalyzer is the log destination here.
set status disable
# Applies only if memory logging is enabled: when the buffer is full the
# existing entries are overwritten, so memory logs are not a durable record.
set diskfull overwrite
end
#
# If memory logging is used, set max-size as the basis for the
# warning thresholds.
#
# The "max-size" value is given in bytes.
#
# config log memory global-setting 
# set max-size 65536
# set full-first-warning-threshold 75
# set full-second-warning-threshold 90
# set full-final-warning-threshold 95
# end
#
config log memory filter 
# Filter for the memory log device. It has no effect while
# "config log memory setting" has status disable (as in this file); it is
# kept so that memory logging records the same set as the other devices if
# it is switched on later.
set severity information 
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
unset filter
set filter-type include 
end
###########################
# Log Settings Device Syslog
###########################
# All four syslog destinations are disabled; no logs leave the unit via syslog.
config log syslogd setting
set status disable
# Template for enabling syslog. 0.0.0.0 is a placeholder to be replaced.
# NOTE(review): as written the template uses "reliable disable" on port 514,
# i.e. presumably plain UDP syslog, which is unencrypted, unauthenticated and
# can drop messages. If syslog is enabled, prefer reliable delivery and send
# it only over a trusted management network or a protected tunnel.
# set server 0.0.0.0 
# set reliable disable 
# set port 514
# set csv disable 
# set facility local0 
# unset source-ip
end
config log syslogd2 setting
set status disable
end
config log syslogd3 setting
set status disable
end
config log syslogd4 setting
set status disable
end
# Filters for syslog destinations 1-4. All four are identical and mirror the
# FortiAnalyzer filter (minimum severity "information", all traffic types,
# anomaly and VoIP, no free-form filter). They have no effect while the
# matching "config log syslogd* setting" blocks have status disable.
config log syslogd filter 
set severity information 
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
unset filter
set filter-type include 
end
config log syslogd2 filter 
set severity information 
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
unset filter
set filter-type include 
end
config log syslogd3 filter 
set severity information 
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
unset filter
set filter-type include 
end
config log syslogd4 filter 
set severity information 
set forward-traffic enable 
set local-traffic enable 
set multicast-traffic enable 
set sniffer-traffic enable 
set anomaly enable 
set voip enable 
unset filter
set filter-type include 
end
###########################
# Log Settings Device FortiGuard
###########################
#
# FortiGuard logging is disabled because FortiCloud is
# not in use. To enable FortiGuard logging, the
# FortiCloud ID is needed.
#
config log fortiguard setting
# No logs are uploaded to the vendor cloud service; all log data stays with
# the destinations enabled elsewhere in this file.
set status disable
unset source-ip
end
###########################
# Log Settings threat-weight
###########################
config log threat-weight
# Threat weight assigns a score to logged events so that clients and sessions
# can be ranked by risk. It affects scoring only, not what is blocked.
set status enable
# Points added per event for each threat level.
config level
set low 5
set medium 10
set high 30
set critical 50
end
# Threat level assigned to each built-in event type.
set blocked-connection high
set failed-connection low
set malware-detected critical
set url-block-detected high
set botnet-connection-detected critical
# IPS events: the threat level follows the signature severity one-to-one;
# informational signatures add no score.
config ips
set info-severity disable
set low-severity low
set medium-severity medium
set high-severity high
set critical-severity critical
end
# Web filter events: threat level per FortiGuard web category.
# NOTE(review): categories are given as numeric IDs only. Resolve them on the
# target firmware (CLI help for "set category") and confirm each level still
# matches the intended category before relying on the scores.
config web
edit 1
set category 26
set level high
next
edit 2
set category 61
set level high
next
edit 3
set category 86
set level high
next
edit 4
set category 1
set level medium
next
edit 5
set category 3
set level medium
next
edit 6
set category 4
set level medium
next
edit 7
set category 5
set level medium
next
edit 8
set category 6
set level medium
next
edit 9
set category 12
set level medium
next
edit 10
set category 59
set level medium
next
edit 11
set category 62
set level medium
next
edit 12
set category 83
set level medium
next
edit 13
set category 72
set level low
next
edit 14
set category 14
set level low
next
end
# Application control events: threat level per application category ID.
# NOTE(review): same caveat as for the web categories. Verify the numeric IDs
# against the application category list of the firmware in use.
config application
edit 1
set category 19
set level critical
next
edit 2
set category 2
set level medium
next
edit 3
set category 6
set level high
next
edit 4
set category 8
set level high
next
end
end
###########################
# Log Settings Device Webtrends
###########################
config log webtrends setting 
# No logs are sent to a WebTrends server.
set status disable
end
